It’s vital to understand the latest cyber security threats. Data-driven decision-making can be crucial to improving your cyber security risk posture. The problem for chief information security officers (CISOs) is getting hold of the right data; it must be actionable and framed in a business context that makes it relevant to critical stakeholders. In its absence, CISOs can sometimes make the mistake of dogmatically enforcing security best practices, whether they're appropriate for the organization or not.
Verizon’s annual Data Breach Investigations Report (DBIR), conducted since 2008, offers strategically impactful information and data points on recent cyber security threats, so CISOs and their colleagues can make better decisions.
What are the latest cyber security threats?
The reality is that the cyber threat landscape is a continuum: as technologies advance and evolve, so does the ability of stealthy, sophisticated cybercriminals to reach bigger and more diverse audiences. That makes it difficult to discern which trends can accurately be described as new threats in cyber security. Today's latest cyber security threats include ransomware, phishing and business email compromise (BEC). These have been around for several years but are still evolving to cause significant risk to global organizations.
In a similar way, user configuration error, supply chain risk and vulnerability exploitation have been threats for some time. But now, they're increasingly coming into focus for CISOs for several reasons. These include:
- Stretched IT teams and global skills shortages
- Greater use of automated tools by threat actors
- More complex supply chains and IT environments
- More home and remote working
- Broader corporate cyber attack surfaces
The impact of these recent cyber security threats can include data loss, operational outages and malware infection. These could result in significant financial and reputational damage. Let's take a look at three of the latest cyber security threats to re-emerge as serious risks to your business.
User configuration error
According to the most recent DBIR, "misconfiguration" was by far the most common sub-category within "miscellaneous errors," accounting for over half (52%) of incidents. It particularly affects data stores, including cloud-based file storage and relational or document databases placed online with zero protection.
This is not the only kind of configuration issue that could create major cyber risk exposure. Remote Desktop Protocol (RDP) endpoints with poorly configured passwords are one of the top initial access vectors for ransomware actors. However, it is cloud misconfiguration that looms particularly large over organizations today.
92% of enterprises now have a multi-cloud strategy, making it even more challenging to understand how each environment works and what the most secure configuration is.
Gartner’s® ‘cloud shift’ research includes only those enterprise IT categories that can transition to cloud, within the application software, infrastructure software, business process services and system infrastructure markets. By 2025, 51% of IT spending in these four categories will have shifted from traditional solutions to the public cloud, compared to 41% in 2022. Almost two-thirds (65.9%) of spending on application software will be directed toward cloud technologies in 2025, up from 57.7% in 2022.¹
Threat actors are increasingly looking to scan for and steal, ransom or destroy the contents of unprotected online data stores, contributing to the rise of recent cyber security threats.
According to Verizon, verticals most exposed to misconfiguration risk include:
- Information
- Arts, entertainment and recreation
- Education
- Public administration
Organizations in these verticals should look to continuous compliance monitoring solutions like Cloud Security Posture Management (CSPM) to mitigate these risks, and apply the CIS Control known as "Secure Configuration of Enterprise Assets and Software" to build security into systems from the start.
Supply chain risk
Supply chain attacks are another example of recent cyber security threats that aren't actually new but have recently been used in high-profile campaigns by threat actors. No industry is safe. The complexity of modern supply chains, including the delivery of digital products and services, provides a huge opportunity for attackers. And complexity is the enemy of security.
According to Verizon, incidents with "secondary" motives (that is, where the goal was to leverage victim access to carry out follow-on attacks) were the second most popular after "financial" last year, accounting for over a fifth of incidents. The report claims that most of these breaches are "simple in nature," which suggests that catastrophic events like the Kaseya or SolarWinds campaigns are still the exception. But even a "simple" supply chain breach could have a serious impact on your organization. According to research from BlueVoyant, over 90% of global organizations suffered such a breach in 2021.
The challenge is not only the size of supply chains but also current point-in-time auditing, which is often heavily reliant on manual processes. CISOs must switch from static questionnaires to continuous monitoring of suppliers—and rapid remediation if risks emerge.
Unpatched vulnerabilities
ProxyLogon, SpringShell, Log4Shell—these are just a handful of the latest cyber security threats that have emerged over the past year. But it's not just these boardroom attention-grabbing vulnerabilities that you need to patch. Threat actors may also exploit bugs from years ago that have since fallen under the radar.
As Verizon explains, it's not necessarily the amount of time since discovery that determines why actors target specific vulnerabilities; it's what capabilities exploitation provides to the attacker, alongside the "robustness of current working exploits and payloads."
No sector has a handle on this yet. The key is to prioritize according to risk to your specific organization, using automated tools to apply patches as required. As Verizon says, the ideal is "to patch smarter, not harder." This will not only make your organization more secure but also enhance IT productivity and minimize burnout by ensuring time is not wasted on patches that won't do much for the organization.
Improving cyber risk readiness
What do these new threats in cyber security have in common? They all require organizations to enhance their readiness to mitigate serious cyber risk. The right provider could help your enterprise go beyond preparedness and resilience to improve IT ROI, transform critical business processes and enhance competitive advantage. Managed services can help by:
- Providing continuous risk assessments and monitoring to measure the effectiveness of cyber risk controls and practices in your organization
- Delivering ongoing services to better manage cyber risk, such as DDoS mitigation, threat intelligence and threat detection and response
- Reducing operational and staffing costs associated with in-house risk management
- Freeing staff to focus on high-value tasks in other areas
Sign up here for Verizon's 15th Annual Data Breach Investigations Report for all the latest information on cyber security trends.
The author of this content is a paid contributor for Verizon.
¹ Gartner Press Release, Gartner Says More Than Half of Enterprise IT Spending in Key Market Segments Will Shift to the Cloud by 2025, Susan Moore, February, 2022. GARTNER is the registered trademark and service mark of Gartner Inc., and/or its affiliates in the U.S. and/or internationally and has been used herein with permission. All rights reserved.